diff --git a/config/config.go b/config/config.go
index 4004582..6241625 100644
--- a/config/config.go
+++ b/config/config.go
@@ -19,7 +19,11 @@ type StackConfiguration struct {
 
 var Environment = os.Getenv("STACK_ENVIRONMENT")
 
-var Config = StackConfiguration{}
+var configInternal = StackConfiguration{}
+
+func Config() StackConfiguration {
+	return configInternal
+}
 
 func GetConfigPath(filename string) string {
 	if Environment == "" {
@@ -35,11 +39,11 @@ func LoadConfig() {
 	}
 	defer file.Close()
 	dec := json.NewDecoder(file)
-	if err := dec.Decode(&Config); err != nil {
+	if err := dec.Decode(&configInternal); err != nil {
 		panic(err)
 	}
 
-	Config.ConfigLoaded = true
+	configInternal.ConfigLoaded = true
 
 	log.Printf("Loaded Config for stack " + Environment)
 }
diff --git a/config/config_test.go b/config/config_test.go
index b933c86..b50a4aa 100644
--- a/config/config_test.go
+++ b/config/config_test.go
@@ -16,52 +16,52 @@ func TestAllConfigs(t *testing.T) {
 }
 
 func SingleStackTest(t *testing.T, stack string, expected StackConfiguration) {
-	Config = StackConfiguration{}
+	configInternal = StackConfiguration{}
 
-	if Config.ConfigLoaded {
+	if Config().ConfigLoaded {
 		t.Errorf("Config.ConfigLoaded should be false before any processing")
 	}
 
-	if len(Config.AdminEmails) > 0 ||
-		Config.AdminHmacEnv != "" ||
-		Config.UserHmacEnv != "" ||
-		Config.AllowFreshAdminGeneration ||
-		Config.AuthedRateLimitConfig != "" ||
-		Config.UnauthedRateLimitConfig != "" { // Extend this IF for any other config values
+	if len(Config().AdminEmails) > 0 ||
+		Config().AdminHmacEnv != "" ||
+		Config().UserHmacEnv != "" ||
+		Config().AllowFreshAdminGeneration ||
+		Config().AuthedRateLimitConfig != "" ||
+		Config().UnauthedRateLimitConfig != "" { // Extend this IF for any other config values
 		t.Errorf("Config already has values before loading")
 	}
 
 	Environment = stack
 	LoadConfig()
 
-	if !Config.ConfigLoaded {
+	if !Config().ConfigLoaded {
 		t.Errorf("Config was not set to loaded")
 	}
 
 	// Finally test values
-	if Config.AllowFreshAdminGeneration != expected.AllowFreshAdminGeneration {
+	if Config().AllowFreshAdminGeneration != expected.AllowFreshAdminGeneration {
 		t.Errorf("AllowFreshAdminGeneration value not set properly")
 	}
 
-	for i, email := range Config.AdminEmails {
+	for i, email := range Config().AdminEmails {
 		if expected.AdminEmails[i] != email {
 			t.Errorf("AdminEmails value not set properly, expected %v at %v, was %v", expected.AdminEmails[i], i, email)
 		}
 	}
 
-	if Config.AdminHmacEnv != expected.AdminHmacEnv {
+	if Config().AdminHmacEnv != expected.AdminHmacEnv {
 		t.Errorf("AdminHmacEnv value not set properly")
 	}
 
-	if Config.UserHmacEnv != expected.UserHmacEnv {
+	if Config().UserHmacEnv != expected.UserHmacEnv {
 		t.Errorf("UserHmacEnv value not set properly")
 	}
 
-	if Config.AuthedRateLimitConfig != expected.AuthedRateLimitConfig {
+	if Config().AuthedRateLimitConfig != expected.AuthedRateLimitConfig {
 		t.Errorf("AuthedRateLimitConfig value not set properly")
 	}
 
-	if Config.UnauthedRateLimitConfig != expected.UnauthedRateLimitConfig {
+	if Config().UnauthedRateLimitConfig != expected.UnauthedRateLimitConfig {
 		t.Errorf("UnauthedRateLimitConfig value not set properly")
 	}
 
diff --git a/controllers/core/core.go b/controllers/core/core.go
index ab954c5..e31cf6d 100644
--- a/controllers/core/core.go
+++ b/controllers/core/core.go
@@ -493,7 +493,7 @@ func StarterAdmin() gin.HandlerFunc {
 			return
 		}
 
-		go util.SendEmail("Admin Created", "A new admin, "+a.Email+", has been created", config.Config.AdminEmails)
+		go util.SendEmail("Admin Created", "A new admin, "+a.Email+", has been created", config.Config().AdminEmails)
 
 		c.JSON(http.StatusOK, util.NextMsg{Next: "db verify"})
 	}
diff --git a/controllers/ratelimit.go b/controllers/ratelimit.go
index 7e26eeb..f7b6b14 100644
--- a/controllers/ratelimit.go
+++ b/controllers/ratelimit.go
@@ -119,7 +119,7 @@ var unauthLoaded = false
 func UnauthRateLimit() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		if !unauthLoaded {
-			unauthed.loadFromConfig(config.GetConfigPath(config.Config.UnauthedRateLimitConfig))
+			unauthed.loadFromConfig(config.GetConfigPath(config.Config().UnauthedRateLimitConfig))
 			unauthLoaded = true
 		}
 
@@ -145,7 +145,7 @@ var authLoaded = false
 func AuthedRateLimit() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		if !authLoaded {
-			authed.loadFromConfig(config.GetConfigPath(config.Config.AuthedRateLimitConfig))
+			authed.loadFromConfig(config.GetConfigPath(config.Config().AuthedRateLimitConfig))
 			authLoaded = true
 		}
 
diff --git a/main.go b/main.go
index cc8c2ea..6dc46d9 100644
--- a/main.go
+++ b/main.go
@@ -44,7 +44,7 @@ func main() {
 	r := gin.Default()
 
 	// Fresh admin functionality
-	if config.Config.AllowFreshAdminGeneration {
+	if config.Config().AllowFreshAdminGeneration {
 		var adminCount int64
 		database.Db.Model(models.Admin{}).Count(&adminCount)